Hey, what's up YouTube? Welcome back to the YouTube video on the Capture the Flag competition held by Google just this past weekend. I'm still going over some of the Beginners Quest challenges, and this one, I want to showcase Floppy 2. So I didn't solve this actually during the competition because I'm not that good, I'm a noob, but after reading through some write-ups I did want to showcase what a solution I found was, and something that I think other people got to work as well.

So this carries off of the Floppy challenge originally, that we have everything for. It's another folder created specifically for the competition, GCTF for Google CTF, and in our Floppy complete thing we were able to actually extract some files out of the icon that it had previously. In that extracted folder we had the driver.txt, which had the flag for the original challenge, Floppy 1 really, and we had another file, www.com, and we never got a chance to take a look at this. But this is the prompt for Floppy 2: "Looks like you found a way to open the file on the floppy, but that www.com file looks suspicious."

So there's an interesting note here, because the driver.txt file has this string, "In case of emergency, run www.com", but www.com looks like nothing really. It just looks like there's some junk in here. www.com: "The Foobanizer 9000 is no longer on the OffHub DMZ". But I don't know what all this stuff is. However, in the context of "run", it's got to be some kind of executable maybe, or like a program. So some people may be getting ahead of me, but the .com file extension is a lot like command.com, for old, like the older version of cmd.exe or the Command Prompt that you've seen in Windows. So it is an executable file, kind of based off of DOS and old-school Microsoft DOS. So I wanted to figure out how we can run this, and I figured, well, I'll look at DOSBox.
If you don't have DOSBox installed, if you're on Linux you can just sudo apt install dosbox, again only if apt or aptitude is your package manager. If you're on Ubuntu it should be. So you can run DOSBox after you've installed it, and now we can start to actually poke at this computer program, or this www.com file. I don't know if I can increase this text size. I really wish I could. I have no idea. Okay, we're going to work with it.

So if I wanted to get, because right now I'm in the Z drive, as you can see, so I can dir and there's some stuff in here, but it's not what we're expecting. We want to be in the current directory that we're working in in our terminal, so we have to mount a different drive to the current directory we're in, so just a period. That'll say mount C is mounted as local directory there, so we can switch to C: now. You can see I'm in the C drive, and I can dir, and we have driver.txt, www.com and the zip archive, blah blah blah.

Actually, let's move this stuff to a new directory, because we do want our own Floppy 2 directory before I get ahead of myself. Floppy complete, the extracted stuff, www.com, let's bring it here. Good. So now I can DOSBox and again mount C to where I am, switch to the C drive, dir, we've got www.com. So if I run this, just typing in the executable name, it doesn't do anything seemingly, otherwise or other than just "The Foobanizer 9000 is no longer on the OffHub DMZ". So it just printed that string that we saw in the file. Not very helpful, no flag printed out for us.

So I wanted to see how else can we do this, and again, I didn't do this during the actual competition because I didn't really know what I was looking at, but after reading some write-ups, which you should totally do, check them out on CTFtime, the smarter idea is to try and debug this program, or see what it's doing, or see if we can like look at what it does in memory, stuff like that. So you can normally run DOSBox, and if you have it compiled with the debug mode enabled you can press Alt and
the Pause key, or Alt+Pause. I have to hit a function key on my keyboard, and maybe that's screwing stuff up, but otherwise it's not opening on my computer. I don't have it compiled like that. I tried to do it, and we can start to go down that track, but I just want to show you I wasn't able to get it successfully, and maybe you will have some better ideas or explanation as to why my compile wouldn't work.

Let's try that: DOSBox compile from source. And if you're looking through all the stuff you'll be able to see, I think it was like VOGONS. Let's just get to DOSBox. DOSBox here, there's a download. Am I looking at the right thing? Geez. Yeah, okay, so the source is here, which you can get on SourceForge. VOGONS, compile debug DOSBox. We can open some of these. There are other threads that talk about this, but the creator on this forum here, which looks to be like the official thing for DOSBox, I think, honestly can't tell, but the creator's in here, and we can download the source code.

Let's try this. I'm going to put this in opt, because that's where I put most of my stuff, and I think I already have a directory already set, so just for DOSBox. Do it, do what I say. Just for continuity's sake, to show you, I'm going to remove that directory and do it all from scratch. So let's make directory opt DOSBox, and I will need to sudo that because opt is not usually a place we can write into, so I want to actually change the ownership of that to me. Cool. So now we should be able to write in that stuff, and we had a download link here over at SourceForge. Can I please get that one more time?

So once we've got the source, cd opt DOSBox, I can gunzip this, tar xvf to extract that bundle here. And if you actually check out the install directions you can see these are some dependencies that you may need. I needed to install sdl-config, and if you type sdl-config, if you don't have it already installed it'll recommend something for you in bash, and I also needed to install like libncurses5-dev or
something, because I needed that supposedly. But even after I installed some of those dependencies, I think I'm missing some of these optional ones, but I would think it would still be able to work regardless. It says if you're building on Linux systems you can just run configure and make like you would normally for compiling from source, and you can enable debug if you wanted to actually run that. So let's try that. Let's try configure, and I'm going to do enable debug. Let's set heavy on, maybe that will work, who knows. Configure worked just fine for me after I got those dependencies done, but after I tried to make I get all these errors, and I'm too newbish and afraid of these C compile errors to actually take a look at them. So I didn't get it to compile, I didn't get it to build or work for me, so I moved on from this.

So I went back to my GCTF Floppy 2 directory and figured, well, I could probably just download like debug.com and run it through DOSBox, because the debugger is like a DOS program, debug.com, and Enhanced DEBUG looked like it was a package that actually had it, as sketchy as it was to be downloading off Softpedia. I don't know, is that like a sketchy place to download things from? I don't know. But I got the zip archive. Let's put it in our GCTF folder for this challenge, and we can unzip that, so now we've got debug.com and debugx.com.

So let's get DOSBox going, and I'll mount C to this directory, and I'll run it, debug, after I switch to that drive. Now we can run debug.com. So we're given this hyphen here, and that's just a prompt to denote, okay, we're waiting for standard input. Use a question mark. I tried to poke around with like help and other things to actually get me some help commands, but the question mark seemed to be the one that worked, and it listed out some things we can do here. If you wanted to, you can check it out: debug command, debug.com command help maybe. And I was able to find this document page that at least got into a little bit
more description and explanation of what these commands were doing. But I wanted to see if I could dump some of the memory after it had run this program, so I wanted to see this dump. It looks like D was the little command to do it, and you can see here in the DOSBox explanation they have the thing that you're trying to do, like the function you want to run essentially, and the command to do it. It's just a letter with arguments you can pass to it. So if I wanted to run www.com, it looked like we could hit like go or proceed, either of the two, and it will run them.

So let's try and quit out of this. debug.com with www.com. If I were to hit G to go, it runs. Okay, so now if I hit D to dump, I'm not getting a whole lot, but I can actually probably dump more. I didn't specify a range here, but I can dump again and we'll start to move through some of the memory that happened, or that actually went through and was executed with the www.com. So in this block of nonsense you can see the hex in the middle and the ASCII on the right, just like you're used to for a hex dump, and in this mess I see a flag format just kind of on the very, very bottom here: CTF, good old DOS for the win.

Let's take note of that. Terminal here, nano flag.txt, CTF and G00D FTW. Cool. Let's cat that, give it to xclip so we've got it in our clipboard. Nice. And let's try and submit that and see if it will take that flag. Nice, it did it, just like that. Floppy 2 is done.

So honestly I was kind of moving around in the dark here, because I didn't know a whole lot about DOS and this debugger especially. If we were to give it arguments maybe, or the range of things for it to actually dump, maybe we could get more out of this or not. I couldn't really tell, because it looked like it took it as an address up there when I ran it previously, it was going zero 100. Unsure, but figured I could show you, and maybe you as a viewer will probably have a little bit more understanding or be able to help me out with why I can't compile DOSBox
from source.

So thank you guys for watching. Hope you're enjoying some of these videos, just showcasing how I'm getting some solutions and walking through some write-ups, but you should totally check them out yourself on CTFtime.org. Thanks for watching. Hey, if you do like these videos, please do press that like button, leave me a comment, let me know what you think, and subscribe if you're willing. See you soon.